status-im
/
miniupnp
mirror of https://github.com/status-im/miniupnp.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

README.md: updated. fix titles

This commit is contained in:
Thomas Bernard 2021-12-16 00:29:39 +01:00
parent 2bfed34e8c
commit 78823d762e
No known key found for this signature in database
GPG Key ID: DB511043A31ACAAF
1 changed files with 7 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
miniupnpd/netfilter_nft/README.md
View File

@ -1,26 +1,23 @@
Miniupnpd nftables support by Tomofumi Hayashi (s1061123@gmail.com). Miniupnpd nftables support by Tomofumi Hayashi (s1061123@gmail.com).
##Current Status ## Supported Features
nftables support is 'alpha' version, not "so much" stable.
##Supported Features
- IPv4 NAT/Filter add/del. - IPv4 NAT/Filter add/del.
##How to build miniupnpd with nftables: ## How to build miniupnpd with nftables:
Run 'make' command with 'Makefile.linux_nft', Run 'configure' command with '--firewall=nftables',
`make -f Makefile.linux_nft` `./configure --firewall=nftables && make`
##How to Run ## How to Run
Please run 'netfilter_nft/scripts/nft_init.sh' to add miniupnpd chain. Please run 'netfilter_nft/scripts/nft_init.sh' to add miniupnpd chain.
`sudo ./netfilter_nft/scripts/nft_init.sh` `sudo ./netfilter_nft/scripts/nft_init.sh`
##FAQ ## FAQ
I will add this section when I get question. I will add this section when I get question.
Comments and Questions are welcome ;) Comments and Questions are welcome ;)
###Custom Chains ### Custom Chains
NFTables is very flexible but it comes with some restrictions because of that. If there is a second filter chain than all packets that were passed before with the miniupnpd chain will be reevaluated. This also means that if the chain is a drop chain you loose the packets. In that case you really want to use a custom chain and jump to it in your filter chain. miniupnpd should save all accept rules in that custom chain. NFTables is very flexible but it comes with some restrictions because of that. If there is a second filter chain than all packets that were passed before with the miniupnpd chain will be reevaluated. This also means that if the chain is a drop chain you loose the packets. In that case you really want to use a custom chain and jump to it in your filter chain. miniupnpd should save all accept rules in that custom chain.
For NAT it is the same, a second chain will also evaluate the packets again and therefore it is possible that a second SNAT or DNAT is performed. For NAT it is the same, a second chain will also evaluate the packets again and therefore it is possible that a second SNAT or DNAT is performed.